Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Access ManagementIdentity Management

High Tech Security That Fits in A Wallet

By Sue Marquette Poremba
Woman using a smart card
July 1, 2011
Woman using a smart card

Depending on how the card is used will determine the level of encryption needed. The more critical and sensitive the data are, the more encryption should be added to the smart card, making it harder for anyone to hack into the information the card holds. Adding a biometrics layer to the encryption will bump up the level of protection even further, making it almost impossible for someone else to get access to the card’s data.

The University of Arizona, like major research universities across the country, found that many of its grants and contracts were tied to higher levels of access security. Access to buildings with old-fashioned keys and locks or cards with magnetic strips swiped into pin pads didn’t provide the amount of security the University was looking for. So the school made the switch to smart cards.

“We use smart cards primarily for access control into high secure areas.  Either tap, tap and 4-digit pin, or tap and biometric fingerprint,” says Diane Tatterfield, Assistant Director, CatCard Services at the University of Arizona. “In anticipation of future applications, we have added an area for transit. We prefer read only so that changes can easily be made in a database vice having to re-card 75,000 active cardholders should a new application be implemented.” 

The University of Arizona is just one of a growing number of organizations and institutions moving to smart card use. ABI Research, which recently released the study Government and Healthcare Citizen ID Cards, estimates that 1.5 billion smart cards or credentials will be issued through 2014.

Smart cards, ABI Research says, have become essential tools for organizations to combat fraud and to create a better sense of security. The cards cover a wide range of uses – they can open doors; they can carry financial data; they can provide access into secure areas.

The way we think about smart cards and their role in security was driven with the events of September 11, 2001, Martin Janiak, president of Veridt, explains. He points to the moment he believes smart cards really took off as a risk management tool – when the nation’s ports began requiring transportation workers to have smart cards that needed background checks. Having the smart cards showed truckers and others who worked in transport had gone through a vetting process and could have direct access to ports.  Government entities began to incorporate smart card use, and over time the mandate for higher security has moved into the private sector.

Technology in smart cards has advanced considerably over the years, adding biometrics as an additional security level to help prevent fraud. Janiak says another level of security can be added with digital certificates. According to Janiak, today’s smart cards can be linked directly to an individual via biometrics, while the certificate verifies the card’s validity, making sure it hasn’t been revoked or compromised.

Smart cards help prevent fraud and reduce risk because they create a layered security environment. For example, a card is linked to an individual so that person can go through the front gate of a building. But once that card is read by the reader, it determines first if the individual is allowed access and then where else in the facility the individual will have access to. A card equipped with biometrics can ensure that this person truly is permitted access to restricted areas. Bottom line, with a layered approach, says Janiak, security management can invoke higher levels of clearance with relative ease and confidence that people entering certain areas are allowed to be there.

Biometrics provide important protection if the smart card is lost or stolen, since the biometric data stored can only belong to one person. But biometrics is not going to be the security solution for everyone, says Tatterfield.

“Being a research facility, we found that some people’s fingerprints are hard to read, or can’t be enrolled, because they deal with chemicals and their fingerprints are worn off,” she says. “In that case, readers have to be swapped out with pin pads.”

For as secure as the smart cards are, Tatterfield does have some concerns about using them on her campus. “As we saw with MiFare, it was hacked but in a controlled environment,” she says. (MiFare is the trademark of a series of chips used in contactless smart cards.) “With ‘compartments’ now going to ‘data streams,’ I feel more secure with the advanced cards; however, we constantly have to stay ahead of the bad guys.” Tatterfield adds that another concern for smart card use is the size of the University of Arizona. “With an institution of this size, sometimes it is very challenging to develop a migration path to the next level of security without having to re-card a mass amount of people. If you have the project management skill set, along with the subject matter experts, usually a good plan can be put in place providing the industry supports migration research and development.”

Woman holding a smart card

Smart cards, ABI Research says, have become essential tools for organizations to combat fraud and to create a better sense of security. The cards cover a wide range of uses – they can open doors; they can carry financial data; they can provide access into secure areas.

How to incorporate smart card security into an organization really depends on its overall security plan. Once a company understands the ground rules require for security operations, then it can move into deciding how to best incorporate a smart card into the business. Are the risks of unauthorized access high or low? If it is high, is turning to biometrics the best way to control who has access to an area? Does the company want to be able to verify that the person with access is who he says he is? Security risks are best mitigated if there is a solid security policy and plan in place before instituting new technology, according to Janiak.

Organizations also want to consider what kind of applications the smart cards are being used for and what information is being protected, explains Jennifer Toscano, marketing manager with Ingersoll Rand. Depending on how the card is used will determine the level of encryption needed. The more critical and sensitive the data are, the more encryption should be added to the smart card, making it harder for anyone to hack into the information the card holds. Adding a biometrics layer to the encryption will bump up the level of protection even further, Toscano adds, making it almost impossible for someone else to get access to the card’s data.

However, Shane Cunningham, marketing communications manager with Digital Identification Solutions, warns that when buying into smart card technology, it should be the newer technologies on the market, rather than older technologies, especially those like the earlier versions of Mifare, that has been hacked. The latest technologies, Cunningham points out, have better encryption.

While the point of using smart cards is to reduce security risks, smart cards come with their own inherent risks that need to be taken into consideration. One of the biggest smart card risks is loss or theft, says Andrew Peterson, senior manager with Kanematsu. Cards will have different levels of security. Take a college student ID, for example. Many students use their cards as a credit or debit card, and the only verification of its use is a signature, which may or may not be checked. On the other hand, a card with a biometric layer of security would require the user to provide, say, a fingerprint before access is permitted.

However, one of the fundamental features to the smart card system is each card holder is added to a database, with information to uniquely identify that individual. Within the database, the administrator can set permission levels. If the card is lost or stolen, and reported, the card number can be flagged. If it isn’t reported, access can be revoked because the person is using it to enter into an unauthorized area or tries to enter the building in the morning when the card only allows access in late afternoon and evening hours, for example.

Because buying smart cards can be a drain on the budget, some companies try to cut down on expenses by recycling or reissue old cards. This cuts down on the overall effectiveness of the card. What often happens, Cunningham explains, is an adhesive skin is attached to the card, and to the skin, personalization such as hologram lamination or UV printing is added. The problem is, the skin can be easily removed and replaced while the data on the card stays the same, meaning it would be simple for someone with a lower security access to co-op another person’s higher security card.

Even though smart cards have been around for years, the advances in technology have helped make the cards an easy and convenient fraud and risk management solution.

KEYWORDS: ID card identity (ID) management smart cards

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Sue Marquette Poremba is a contributing writer.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

September 29, 2025

Global Security Exchange (GSX)

 

November 17, 2025

SECURITY 500 Conference

This event is designed to provide security executives, government officials and leaders of industry with vital information on how to elevate their programs while allowing attendees to share their strategies and solutions with other security industry executives.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • high feat

    How High-Tech Identity Management Gets Personal

    See More
  • New Newswire Feature Image 3/8/2012

    NYC Public Housing Gets High-Tech Security

    See More
  • Chief of Security and Transportation Jeff Karpovich stands outside one of the High Point University Welcome Centers

    Developing a High-Class Security Brand

    See More

Related Products

See More Products
  • 9780367259044.jpg

    Understanding Homeland Security: Foundations of Security Policy

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing